author | Martin Willi <martin@strongswan.org> | 2009-10-12 14:40:21 +0200 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2009-10-12 14:40:21 +0200 |
commit | 073e7dc062a1e99037809023c77c46bc4dc706b4 (patch) | |
tree | c4fa90b6eecc623104bc6b25710bfdad8ffdd534 | |
parent | f7897b64f622cf2b736faec7976628c98a9eeff7 (diff) | |
Merged SIM/USIM manager/card/provider, avoids code duplication
-rw-r--r-- | src/charon/Makefile.am | 1 | ||||
-rw-r--r-- | src/charon/daemon.c | 3 | ||||
-rw-r--r-- | src/charon/daemon.h | 8 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka/eap_aka.c | 12 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c | 9 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h | 8 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h | 2 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c | 12 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h | 2 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c | 5 | ||||
-rw-r--r-- | src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h | 8 | ||||
-rw-r--r-- | src/charon/plugins/eap_sim_file/eap_sim_file_card.c | 14 | ||||
-rw-r--r-- | src/charon/plugins/eap_sim_file/eap_sim_file_provider.c | 6 | ||||
-rw-r--r-- | src/charon/sa/authenticators/eap/sim_manager.h | 89 | ||||
-rw-r--r-- | src/charon/sa/authenticators/eap/usim_manager.c | 123 | ||||
-rw-r--r-- | src/charon/sa/authenticators/eap/usim_manager.h | 167 |
16 files changed, 129 insertions, 340 deletions
diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am index ef378dacd..6b5a340cb 100644 --- a/src/charon/Makefile.am +++ b/src/charon/Makefile.am @@ -71,7 +71,6 @@ sa/authenticators/eap_authenticator.c sa/authenticators/eap_authenticator.h \ sa/authenticators/eap/eap_method.c sa/authenticators/eap/eap_method.h \ sa/authenticators/eap/eap_manager.c sa/authenticators/eap/eap_manager.h \ sa/authenticators/eap/sim_manager.c sa/authenticators/eap/sim_manager.h \ -sa/authenticators/eap/usim_manager.c sa/authenticators/eap/usim_manager.h \ sa/authenticators/psk_authenticator.c sa/authenticators/psk_authenticator.h \ sa/authenticators/pubkey_authenticator.c sa/authenticators/pubkey_authenticator.h \ sa/child_sa.c sa/child_sa.h \ diff --git a/src/charon/daemon.c b/src/charon/daemon.c index 9f7abf799..490357c13 100644 --- a/src/charon/daemon.c +++ b/src/charon/daemon.c @@ -190,7 +190,6 @@ static void destroy(private_daemon_t *this) DESTROY_IF(this->public.controller); DESTROY_IF(this->public.eap); DESTROY_IF(this->public.sim); - DESTROY_IF(this->public.usim); #ifdef ME DESTROY_IF(this->public.connect_manager); DESTROY_IF(this->public.mediation_manager); @@ -487,7 +486,6 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[]) this->public.controller = controller_create(); this->public.eap = eap_manager_create(); this->public.sim = sim_manager_create(); - this->public.usim = usim_manager_create(); this->public.backends = backend_manager_create(); this->public.attributes = attribute_manager_create(); this->public.kernel_interface = kernel_interface_create(); @@ -570,7 +568,6 @@ private_daemon_t *daemon_create(void) this->public.controller = NULL; this->public.eap = NULL; this->public.sim = NULL; - this->public.usim = NULL; this->public.bus = NULL; this->public.file_loggers = linked_list_create(); this->public.sys_loggers = linked_list_create(); diff --git a/src/charon/daemon.h b/src/charon/daemon.h index 3af0b9b2f..2b863f7d8 100644 
--- a/src/charon/daemon.h +++ b/src/charon/daemon.h @@ -163,7 +163,6 @@ typedef struct daemon_t daemon_t; #include <credentials/credential_manager.h> #include <sa/authenticators/eap/eap_manager.h> #include <sa/authenticators/eap/sim_manager.h> -#include <sa/authenticators/eap/usim_manager.h> #ifdef ME #include <sa/connect_manager.h> @@ -282,15 +281,10 @@ struct daemon_t { eap_manager_t *eap; /** - * SIM manager to maintain SIM cards/providers + * SIM manager to maintain (U)SIM cards/providers */ sim_manager_t *sim; - /** - * USIM manager to maintain USIM cards/providers - */ - usim_manager_t *usim; - #ifdef ME /** * Connect manager diff --git a/src/charon/plugins/eap_aka/eap_aka.c b/src/charon/plugins/eap_aka/eap_aka.c index f15ff924f..ab1f69de1 100644 --- a/src/charon/plugins/eap_aka/eap_aka.c +++ b/src/charon/plugins/eap_aka/eap_aka.c @@ -496,11 +496,11 @@ static u_char get_identifier() static status_t server_initiate(private_eap_aka_t *this, eap_payload_t **out) { enumerator_t *enumerator; - usim_provider_t *provider; + sim_provider_t *provider; char ck[AKA_CK_LEN], ik[AKA_IK_LEN], autn[AKA_AUTN_LEN]; bool found = FALSE; - enumerator = charon->usim->create_provider_enumerator(charon->usim); + enumerator = charon->sim->create_provider_enumerator(charon->sim); while (enumerator->enumerate(enumerator, &provider)) { if (provider->get_quintuplet(provider, this->peer, this->rand, @@ -537,7 +537,7 @@ static status_t server_process_synchronize(private_eap_aka_t *this, chunk_t attr, message, pos, auts = chunk_empty; aka_attribute_t attribute; enumerator_t *enumerator; - usim_provider_t *provider; + sim_provider_t *provider; bool found = FALSE; message = in->get_data(in); 
@@ -572,7 +572,7 @@ static status_t server_process_synchronize(private_eap_aka_t *this, return FAILED; } - enumerator = charon->usim->create_provider_enumerator(charon->usim); + enumerator = charon->sim->create_provider_enumerator(charon->sim); while (enumerator->enumerate(enumerator, &provider)) { if (provider->resync(provider, this->peer, this->rand, auts.ptr)) @@ -708,7 +708,7 @@ static status_t peer_process_challenge(private_eap_aka_t *this, aka_attribute_t attribute; u_int8_t identifier; enumerator_t *enumerator; - usim_card_t *card; + sim_card_t *card; u_char res[AKA_RES_LEN], ck[AKA_CK_LEN], ik[AKA_IK_LEN], auts[AKA_AUTS_LEN]; status_t status = NOT_FOUND; @@ -759,7 +759,7 @@ static status_t peer_process_challenge(private_eap_aka_t *this, return NEED_MORE; } - enumerator = charon->usim->create_card_enumerator(charon->usim); + enumerator = charon->sim->create_card_enumerator(charon->sim); while (enumerator->enumerate(enumerator, &card)) { status = card->get_quintuplet(card, this->peer, rand.ptr, autn.ptr, diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c index 7c25e20a4..19ca90b80 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c @@ -52,7 +52,7 @@ bool eap_aka_3gpp2_get_k(identification_t *id, char k[AKA_K_LEN]); void eap_aka_3gpp2_get_sqn(char sqn[AKA_SQN_LEN], int offset); /** - * Implementation of usim_card_t.get_quintuplet + * Implementation of sim_card_t.get_quintuplet */ static status_t get_quintuplet(private_eap_aka_3gpp2_card_t *this, identification_t *imsi, char rand[AKA_RAND_LEN], @@ -111,7 +111,7 @@ static status_t get_quintuplet(private_eap_aka_3gpp2_card_t *this, } /** - * Implementation of usim_card_t.resync + * Implementation of sim_card_t.resync */ static bool resync(private_eap_aka_3gpp2_card_t *this, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]) 
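Review bot: The card loop in peer_process_challenge() now walks every card registered with `charon->sim`, including triplet-only cards whose `get_quintuplet` is only a stub, and it overwrites `status` with each return value. The loop body continues outside the hunk, so it is not visible whether a NOT_SUPPORTED or FAILED result from an earlier card lets the enumeration move on to a later AKA-capable card; that should be confirmed before merging the two managers. A short comment at the top of the loop, such as `/* cards without AKA support are skipped, first usable result wins */`, would record the intended behaviour. The provider loops in server_initiate() and server_process_synchronize() test the boolean result in an `if`, so a stub that returns FALSE is skipped there.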
@@ -151,8 +151,9 @@ eap_aka_3gpp2_card_t *eap_aka_3gpp2_card_create(eap_aka_3gpp2_functions_t *f) { private_eap_aka_3gpp2_card_t *this = malloc_thing(private_eap_aka_3gpp2_card_t); - this->public.card.get_quintuplet = (status_t(*)(usim_card_t*, identification_t *imsi, char rand[16], char autn[16], char ck[16], char ik[16], char res[16]))get_quintuplet; - this->public.card.resync = (bool(*)(usim_card_t*, identification_t *imsi, char rand[16], char auts[14]))resync; + this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false(); + this->public.card.get_quintuplet = (status_t(*)(sim_card_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_LEN]))get_quintuplet; + this->public.card.resync = (bool(*)(sim_card_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))resync; this->public.destroy = (void(*)(eap_aka_3gpp2_card_t*))destroy; this->f = f; diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h index c3dca0aba..1849d7b5e 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h @@ -23,19 +23,19 @@ #include "eap_aka_3gpp2_functions.h" -#include <sa/authenticators/eap/usim_manager.h> +#include <sa/authenticators/eap/sim_manager.h> typedef struct eap_aka_3gpp2_card_t eap_aka_3gpp2_card_t; /** - * USIM card implementation using a set of AKA functions. + * SIM card implementation using a set of AKA functions. */ struct eap_aka_3gpp2_card_t { /** - * Implements usim_card_t interface + * Implements sim_card_t interface */ - usim_card_t card; + sim_card_t card; /** * Destroy a eap_aka_3gpp2_card_t. 
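Review bot: The new `get_triplet` assignment in eap_aka_3gpp2_card_create() casts `return_false()`, the result of calling the helper, rather than the function `return_false` itself; the matching lines in eap_aka_3gpp2_provider.c and eap_sim_file_card.c omit the parentheses. Assuming the helper returns FALSE as its name suggests, the slot ends up holding a null function pointer. Because SIM and AKA cards now share one manager, any caller that enumerates cards and invokes `get_triplet` on this one would call through that null pointer and take the daemon down. Drop the parentheses so the cast ends in `))return_false;`.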
diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h index 4b3a08087..ed7f62abc 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h @@ -21,7 +21,7 @@ #ifndef EAP_AKA_3GPP2_FUNCTIONS_H_ #define EAP_AKA_3GPP2_FUNCTIONS_H_ -#include <sa/authenticators/eap/usim_manager.h> +#include <sa/authenticators/eap/sim_manager.h> #define AKA_SQN_LEN 6 #define AKA_K_LEN 16 diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c index 7055f2554..5286e0986 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c @@ -33,12 +33,12 @@ struct private_eap_aka_3gpp2_t { eap_aka_3gpp2_plugin_t public; /** - * USIM card + * SIM card */ eap_aka_3gpp2_card_t *card; /** - * USIM provider + * SIM provider */ eap_aka_3gpp2_provider_t *provider; @@ -53,8 +53,8 @@ struct private_eap_aka_3gpp2_t { */ static void destroy(private_eap_aka_3gpp2_t *this) { - charon->usim->remove_card(charon->usim, &this->card->card); - charon->usim->remove_provider(charon->usim, &this->provider->provider); + charon->sim->remove_card(charon->sim, &this->card->card); + charon->sim->remove_provider(charon->sim, &this->provider->provider); this->card->destroy(this->card); this->provider->destroy(this->provider); this->functions->destroy(this->functions); @@ -79,8 +79,8 @@ plugin_t *plugin_create() this->card = eap_aka_3gpp2_card_create(this->functions); this->provider = eap_aka_3gpp2_provider_create(this->functions); - charon->usim->add_card(charon->usim, &this->card->card); - charon->usim->add_provider(charon->usim, &this->provider->provider); + charon->sim->add_card(charon->sim, &this->card->card); + charon->sim->add_provider(charon->sim, &this->provider->provider); return &this->public.plugin; } 
diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h index 68ddce926..ed5c4cf3e 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h @@ -29,7 +29,7 @@ typedef struct eap_aka_3gpp2_plugin_t eap_aka_3gpp2_plugin_t; /** - * Plugin to provide a USIM card/provider using the 3GPP2 (S.S0055) standard. + * Plugin to provide a SIM card/provider using the 3GPP2 (S.S0055) standard. * * This plugin implements the standard of the 3GPP2 (S.S0055) and not the one * of 3GGP, completely in software using the libgmp library.. diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c index 2c285b336..fe9575123 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c 
@@ -184,8 +184,9 @@ eap_aka_3gpp2_provider_t *eap_aka_3gpp2_provider_create( { private_eap_aka_3gpp2_provider_t *this = malloc_thing(private_eap_aka_3gpp2_provider_t); - this->public.provider.get_quintuplet = (bool(*)(usim_provider_t*, identification_t *imsi, char rand[16], char xres[16], char ck[16], char ik[16], char autn[16]))get_quintuplet; - this->public.provider.resync = (bool(*)(usim_provider_t*, identification_t *imsi, char rand[16], char auts[14]))resync; + this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false; + this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))get_quintuplet; + this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))resync; this->public.destroy = (void(*)(eap_aka_3gpp2_provider_t*))destroy; this->f = f; diff --git a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h index c05334c14..6342f92d7 100644 --- a/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h +++ b/src/charon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h @@ -23,19 +23,19 @@ #include "eap_aka_3gpp2_functions.h" -#include <sa/authenticators/eap/usim_manager.h> +#include <sa/authenticators/eap/sim_manager.h> typedef struct eap_aka_3gpp2_provider_t eap_aka_3gpp2_provider_t; /** - * USIM provider implementation using a set of AKA functions. + * SIM provider implementation using a set of AKA functions. */ struct eap_aka_3gpp2_provider_t { /** - * Implements usim_provider_t interface. + * Implements sim_provider_t interface. */ - usim_provider_t provider; + sim_provider_t provider; /** * Destroy a eap_aka_3gpp2_provider_t. 
diff --git a/src/charon/plugins/eap_sim_file/eap_sim_file_card.c b/src/charon/plugins/eap_sim_file/eap_sim_file_card.c index 65e9f760a..c2c51e2ea 100644 --- a/src/charon/plugins/eap_sim_file/eap_sim_file_card.c +++ b/src/charon/plugins/eap_sim_file/eap_sim_file_card.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Martin Willi + * Copyright (C) 2008-2009 Martin Willi * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -68,6 +68,14 @@ static bool get_triplet(private_eap_sim_file_card_t *this, } /** + * Implementation of sim_card_t.get_quintuplet + */ +static bool get_quintuplet() +{ + return NOT_SUPPORTED; +} + +/** * Implementation of eap_sim_file_card_t.destroy. */ static void destroy(private_eap_sim_file_card_t *this) @@ -82,7 +90,9 @@ eap_sim_file_card_t *eap_sim_file_card_create(eap_sim_file_triplets_t *triplets) { private_eap_sim_file_card_t *this = malloc_thing(private_eap_sim_file_card_t); - this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *imsi, char *rand, char *sres, char *kc))get_triplet; + this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))get_triplet; + this->public.card.get_quintuplet = (status_t(*)(sim_card_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_LEN]))get_quintuplet; + this->public.card.resync = (bool(*)(sim_card_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false; this->public.destroy = (void(*)(eap_sim_file_card_t*))destroy; this->triplets = triplets; diff --git a/src/charon/plugins/eap_sim_file/eap_sim_file_provider.c b/src/charon/plugins/eap_sim_file/eap_sim_file_provider.c index 43fb1b840..eebebdb70 100644 --- a/src/charon/plugins/eap_sim_file/eap_sim_file_provider.c +++ b/src/charon/plugins/eap_sim_file/eap_sim_file_provider.c 
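Review bot: The added `get_quintuplet()` stub in eap_sim_file_card.c is declared `static bool` but returns `NOT_SUPPORTED`, and eap_sim_file_card_create() then installs it through a cast to `status_t(*)(sim_card_t*, ...)`. If `bool` is a real boolean type in this build, the value is narrowed to 1 before the caller reads it as a `status_t`, so the AKA peer code would not see NOT_SUPPORTED; calling through a pointer whose return type differs from the definition is also undefined behaviour. Declare the stub as `static status_t get_quintuplet()` so its type matches the slot it fills.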
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Martin Willi + * Copyright (C) 2008-2009 Martin Willi * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -76,7 +76,9 @@ eap_sim_file_provider_t *eap_sim_file_provider_create( { private_eap_sim_file_provider_t *this = malloc_thing(private_eap_sim_file_provider_t); - this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[16], char sres[4], char kc[8]))get_triplet; + this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))get_triplet; + this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))return_false; + this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false; this->public.destroy = (void(*)(eap_sim_file_provider_t*))destroy; this->triplets = triplets; diff --git a/src/charon/sa/authenticators/eap/sim_manager.h b/src/charon/sa/authenticators/eap/sim_manager.h index bc77ad0d9..d8d747afd 100644 --- a/src/charon/sa/authenticators/eap/sim_manager.h +++ b/src/charon/sa/authenticators/eap/sim_manager.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Martin Willi + * Copyright (C) 2008-2009 Martin Willi * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -32,13 +32,25 @@ typedef struct sim_provider_t sim_provider_t; #define SIM_SRES_LEN 4 #define SIM_KC_LEN 8 +#define AKA_RAND_LEN 16 +#define AKA_RES_LEN 16 +#define AKA_CK_LEN 16 +#define AKA_IK_LEN 16 +#define AKA_AUTN_LEN 16 +#define AKA_AUTS_LEN 14 + /** - * Interface for a SIM card (used as EAP client). + * Interface for a (U)SIM card (used as EAP client). + * + * The SIM card completes triplets/quintuplets requested in a challenge + * received from the server. + * An implementation supporting only one of SIM/AKA authentication may + * implement the other methods with return_false()/return NOT_SUPPORTED. */ struct sim_card_t { /** - * Calculate SRES/KC from a RAND. + * Calculate SRES/KC from a RAND for SIM authentication. * * @param imsi identity to get a triplet for * @param rand RAND input buffer, fixed size 16 bytes 
@@ -49,15 +61,51 @@ struct sim_card_t { bool (*get_triplet)(sim_card_t *this, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]); + + /** + * Calculate CK/IK/RES from RAND/AUTN for AKA authentication. + * + * If the received sequence number (in autn) is out of sync, INVALID_STATE + * is returned. + * + * @param imsi peer identity requesting quintuplet for + * @param rand random value rand + * @param autn authentication token autn + * @param ck buffer receiving encryption key ck + * @param ik buffer receiving integrity key ik + * @param res buffer receiving authentication result res + * @return SUCCESS, FAILED, or INVALID_STATE if out of sync + */ + status_t (*get_quintuplet)(sim_card_t *this, identification_t *imsi, + char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], + char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], + char res[AKA_RES_LEN]); + + /** + * Calculate AUTS from RAND for AKA resynchronization. + * + * @param imsi peer identity requesting quintuplet for + * @param rand random value rand + * @param auts resynchronization parameter auts + * @return TRUE if parameter generated successfully + */ + bool (*resync)(sim_card_t *this, identification_t *imsi, + char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]); }; /** - * Interface for a triplet provider (used as EAP server). + * Interface for a triplet/quintuplet provider (used as EAP server). + * + * A SIM provider hands out triplets for SIM authentication and quintuplets + * for AKA authentication. Multiple SIM provider instances can serve as + * authentication backend to authenticate clients using SIM/AKA. + * An implementation supporting only one of SIM/AKA authentication may + * implement the other methods with return_false(). */ struct sim_provider_t { /** - * Get a single triplet to authenticate a EAP client. + * Create a challenge for SIM authentication. * * @param imsi client identity * @param rand RAND output buffer, fixed size 16 bytes 
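Review bot: The `@return` line documented for `sim_card_t.get_quintuplet` lists only SUCCESS, FAILED and INVALID_STATE, while the interface comment added in the previous hunk tells SIM-only implementations to return NOT_SUPPORTED. A caller reading the method contract cannot tell that this value is possible and may treat it as a hard failure. Extend the line to `@return SUCCESS, FAILED, NOT_SUPPORTED, or INVALID_STATE if out of sync`.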
@@ -68,10 +116,37 @@ struct sim_provider_t { bool (*get_triplet)(sim_provider_t *this, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]); + + /** + * Create a challenge for AKA authentication. + * + * @param imsi peer identity to create challenge for + * @param rand buffer receiving random value rand + * @param xres buffer receiving expected authentication result xres + * @param ck buffer receiving encryption key ck + * @param ik buffer receiving integrity key ik + * @param autn authentication token autn + * @return TRUE if quintuplet generated successfully + */ + bool (*get_quintuplet)(sim_provider_t *this, identification_t *imsi, + char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], + char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], + char autn[AKA_AUTN_LEN]); + + /** + * Process AKA resynchroniusation request of a peer. + * + * @param imsi peer identity requesting resynchronisation + * @param rand random value rand + * @param auts synchronization parameter auts + * @return TRUE if resynchronized successfully + */ + bool (*resync)(sim_provider_t *this, identification_t *imsi, + char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]); }; /** - * The EAP-SIM manager handles multiple SIM cards and providers. + * The SIM manager handles multiple (U)SIM cards and providers. */ struct sim_manager_t { @@ -124,7 +199,7 @@ struct sim_manager_t { }; /** - * Create an SIM manager to handle multiple SIM cards/providers. + * Create an SIM manager to handle multiple (U)SIM cards/providers. * * @return sim_t object */ diff --git a/src/charon/sa/authenticators/eap/usim_manager.c b/src/charon/sa/authenticators/eap/usim_manager.c deleted file mode 100644 index fa86e7320..000000000 --- a/src/charon/sa/authenticators/eap/usim_manager.c +++ /dev/null 
@@ -1,123 +0,0 @@ -/* - * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "usim_manager.h" - -#include <utils/linked_list.h> - -typedef struct private_usim_manager_t private_usim_manager_t; - -/** - * Private data of an usim_manager_t object. - */ -struct private_usim_manager_t { - - /** - * Public usim_manager_t interface. - */ - usim_manager_t public; - - /** - * list of added cards - */ - linked_list_t *cards; - - /** - * list of added provider - */ - linked_list_t *provider; -}; - -/** - * Implementation of usim_manager_t.add_card - */ -static void add_card(private_usim_manager_t *this, usim_card_t *card) -{ - this->cards->insert_last(this->cards, card); -} - -/** - * Implementation of usim_manager_t.remove_card - */ -static void remove_card(private_usim_manager_t *this, usim_card_t *card) -{ - this->cards->remove(this->cards, card, NULL); -} - -/** - * Implementation of usim_manager_t.create_card_enumerator - */ -static enumerator_t* create_card_enumerator(private_usim_manager_t *this) -{ - return this->cards->create_enumerator(this->cards); -} - -/** - * Implementation of usim_manager_t.add_provider - */ -static void add_provider(private_usim_manager_t *this, - usim_provider_t *provider) -{ - this->provider->insert_last(this->provider, provider); -} - -/** - * Implementation of usim_manager_t.remove_provider - */ -static void remove_provider(private_usim_manager_t 
*this, - usim_provider_t *provider) -{ - this->provider->remove(this->provider, provider, NULL); -} - -/** - * Implementation of usim_manager_t.create_provider_enumerator - */ -static enumerator_t* create_provider_enumerator(private_usim_manager_t *this) -{ - return this->provider->create_enumerator(this->provider); -} - -/** - * Implementation of usim_manager_t.destroy. - */ -static void destroy(private_usim_manager_t *this) -{ - this->cards->destroy(this->cards); - this->provider->destroy(this->provider); - free(this); -} - -/** - * See header - */ -usim_manager_t *usim_manager_create() -{ - private_usim_manager_t *this = malloc_thing(private_usim_manager_t); - - this->public.add_card = (void(*)(usim_manager_t*, usim_card_t *card))add_card; - this->public.remove_card = (void(*)(usim_manager_t*, usim_card_t *card))remove_card; - this->public.create_card_enumerator = (enumerator_t*(*)(usim_manager_t*))create_card_enumerator; - this->public.add_provider = (void(*)(usim_manager_t*, usim_provider_t *provider))add_provider; - this->public.remove_provider = (void(*)(usim_manager_t*, usim_provider_t *provider))remove_provider; - this->public.create_provider_enumerator = (enumerator_t*(*)(usim_manager_t*))create_provider_enumerator; - this->public.destroy = (void(*)(usim_manager_t*))destroy; - - this->cards = linked_list_create(); - this->provider = linked_list_create(); - - return &this->public; -} - diff --git a/src/charon/sa/authenticators/eap/usim_manager.h b/src/charon/sa/authenticators/eap/usim_manager.h deleted file mode 100644 index 230cb4176..000000000 --- a/src/charon/sa/authenticators/eap/usim_manager.h +++ /dev/null 
@@ -1,167 +0,0 @@ -/* - * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup usim_manager usim_manager - * @{ @ingroup eap - */ - -#ifndef USIM_MANAGER_H_ -#define USIM_MANAGER_H_ - -#include <utils/identification.h> -#include <utils/enumerator.h> - -typedef struct usim_manager_t usim_manager_t; -typedef struct usim_card_t usim_card_t; -typedef struct usim_provider_t usim_provider_t; - -#define AKA_RAND_LEN 16 -#define AKA_RES_LEN 16 -#define AKA_CK_LEN 16 -#define AKA_IK_LEN 16 -#define AKA_AUTN_LEN 16 -#define AKA_AUTS_LEN 14 - -/** - * Interface for a USIM card (used by EAP-AKA client). - */ -struct usim_provider_t { - - /** - * Create a challenge for AKA authentication. - * - * @param imsi peer identity to create challenge for - * @param rand buffer receiving random value rand - * @param xres buffer receiving expected authentication result xres - * @param ck buffer receiving encryption key ck - * @param ik buffer receiving integrity key ik - * @param autn authentication token autn - * @return TRUE if quintuplet generated successfully - */ - bool (*get_quintuplet)(usim_provider_t *this, identification_t *imsi, - char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], - char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], - char autn[AKA_AUTN_LEN]); - - /** - * Process resynchroniusation request of a peer. 
- * - * @param imsi peer identity requesting resynchronisation - * @param rand random value rand - * @param auts synchronization parameter auts - * @return TRUE if resynchronized successfully - */ - bool (*resync)(usim_provider_t *this, identification_t *imsi, - char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]); -}; - -/** - * Interface for a quintuplet provider (used by EAP-AKA server). - */ -struct usim_card_t { - - /** - * Process authentication data and complete the quintuplet. - * - * If the received sequence number (in autn) is out of synf, INVALID_STATE - * is returned. - * - * @param imsi peer identity requesting quintuplet for - * @param rand random value rand - * @param autn authentication token autn - * @param ck buffer receiving encryption key ck - * @param ik buffer receiving integrity key ik - * @param res buffer receiving authentication result res - * @return SUCCESS, FAILED, or INVALID_STATE if out of sync - */ - status_t (*get_quintuplet)(usim_card_t *this, identification_t *imsi, - char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], - char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], - char res[AKA_RES_LEN]); - - /** - * Request parameter to start resynchronization. - * - * @param imsi peer identity requesting quintuplet for - * @param rand random value rand - * @param auts resynchronization parameter auts - * @return TRUE if parameter generated successfully - */ - bool (*resync)(usim_card_t *this, identification_t *imsi, - char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]); -}; - -/** - * The EAP-AKA USIM manager handles multiple USIM cards and providers. - */ -struct usim_manager_t { - - /** - * Register a USIM card (client) at the manager. - * - * @param card usim card to register - */ - void (*add_card)(usim_manager_t *this, usim_card_t *card); - - /** - * Unregister a previously registered card from the manager. 
- * - * @param card usim card to unregister - */ - void (*remove_card)(usim_manager_t *this, usim_card_t *card); - - /** - * Create an enumerator over all registered cards. - * - * @return enumerator over usim_card_t's - */ - enumerator_t* (*create_card_enumerator)(usim_manager_t *this); - - /** - * Register a triplet provider (server) at the manager. - * - * @param card usim card to register - */ - void (*add_provider)(usim_manager_t *this, usim_provider_t *provider); - - /** - * Unregister a previously registered provider from the manager. - * - * @param card usim card to unregister - */ - void (*remove_provider)(usim_manager_t *this, usim_provider_t *provider); - - /** - * Create an enumerator over all registered provider. - * - * @return enumerator over Usim_provider_t's - */ - enumerator_t* (*create_provider_enumerator)(usim_manager_t *this); - - /** - * Destroy a manager instance. - */ - void (*destroy)(usim_manager_t *this); -}; - -/** - * Create an USIM manager to handle multiple USIM cards/providers. - * - * @return usim_t object - */ -usim_manager_t *usim_manager_create(); - -#endif /** USIM_MANAGER_H_ @}*/ |